580 likes | 696 Vues
Linux+ Guide to Linux Certification, Third Edition. Chapter 12 Network Configuration. Objectives. Describe the purpose and types of networks, protocols, and media access methods Explain the basic configuration of TCP/IP Configure a Network interface to use TCP/IP
E N D
Linux+ Guide to Linux Certification, Third Edition Chapter 12 Network Configuration
Objectives • Describe the purpose and types of networks, protocols, and media access methods • Explain the basic configuration of TCP/IP • Configure a Network interface to use TCP/IP • Configure a modem, ISDN, and DSL interface Linux+ Guide to Linux Certification, 3e
Objectives (continued) • Describe the purpose of host names and how they are resolved to IP addresses • Configure TCP/IP routing • Identify common network services • Use command-line and graphical utilities to perform remote administration Linux+ Guide to Linux Certification, 3e
Networks • Network: two or more computers joined via media and able to exchange information • Local area networks (LANs): connect computers within close proximity • e.g., used to allow connection to shared resources • Wide area networks (WANs): connect computers separated by large distances • e.g., used to connect to Internet Service Provider • Internet service provider (ISP): company providing Internet access Linux+ Guide to Linux Certification, 3e
Networks (continued) • Routers: computers capable of transferring information between networks • Protocol: set of rules for communication between networked computers • Packets: packages of data formatted by a network protocol • Packets can be recognized by routers and other network devices Linux+ Guide to Linux Certification, 3e
Networks (continued) • Linux network protocols: • TCP/IP (Transfer Control Protocol/Internet Protocol) • UDP/IP (User Datagram Protocol/Internet Protocol) • IPX/SPX (Internetwork Packet Exchange/Sequence Packet Exchange) • AppleTalk • DLC (Data Link Control) • DECnet (Digital Equipment Corporation network) Linux+ Guide to Linux Certification, 3e
Networks (continued) • Media access method: defines how networked computers share access to the physical medium • Contained within the hardware on NIC or modem • Ethernet: most common network media access method • Ensures that packets are retransmitted onto the network if a network error occurs • Token ring: popular media access method • Controls which computer has the ability to transmit information Linux+ Guide to Linux Certification, 3e
The TCP/IP Protocol • Set of protocols with two core components • TCP: ensures that packets are assembled in the correct order, regardless of arrival order • IP: responsible for labeling each packet with destination address • Together, TCP and IP ensure that information packets travel across the network as quickly as possible without getting lost Linux+ Guide to Linux Certification, 3e
IPv4 Addresses • IP address: unique number that identifies a networked computer • Octet: series of four 8-bit numbers • Common format of IPv4 addresses • Unicast: directed TCP/IP communication from one computer to another single computer Linux+ Guide to Linux Certification, 3e
IPv4 Addresses (continued) • IPv4 addresses composed of two parts • Network ID: network on which a computer is located • Host ID: single computer on that network • Two computers with different network IDs can have the same host ID • Only computers with same network ID can communicate without a router Linux+ Guide to Linux Certification, 3e
Subnet Masks • Define which part of IP address is the network ID and which part is the host ID • Series of four octets • Octet in subnet mask containing 255 is part of network ID • Octet in subnet mask containing 0 is part of host ID • ANDing: calculate network and host IDs from an IP address and subnet mask • Compare binary bits Linux+ Guide to Linux Certification, 3e
Subnet Masks (continued) Figure 12-1: A sample IP address and subnet mask Linux+ Guide to Linux Certification, 3e
Subnet Masks (continued) • 0.0.0.0 = all networks • 255.255.255.255 = all computers on all networks • 255 in an IP address can specify many hosts • Broadcast addresses Linux+ Guide to Linux Certification, 3e
Default Gateway • IP address of network interface on a router, to which you send packets • Routers can distinguish between different networks • Move packets between them • Have assigned IP addresses on each attached network Linux+ Guide to Linux Certification, 3e
IPv4 Classes and Subnetting • IP address class defines default subnet mask of associated device • All IP address classes can be identified by first octet • Class A: 8 bits for network ID, 24 bits for host ID • Assigned to very large companies • Class B: 16 bits for network ID, 16 bits for host ID • Assigned to larger organizations with several thousand users • Class C: 24 bits for network ID, 16 bits for host ID • Used for small and home networks Linux+ Guide to Linux Certification, 3e
IPv4 Classes and Subnetting • Multicast: TCP/IP communication destined for a certain group of computers • Class D addresses • Subnetting: divide a large network into smaller networks • Control traffic flow • Take bits from host ID; give to network ID Linux+ Guide to Linux Certification, 3e
IPv4 Classes and Subnetting (continued) Table 12-1: IP address classes Linux+ Guide to Linux Certification, 3e
The IPv6 Protocol • Number of IP addresses using IPv4 is unsuitable for Internet growth • IPv6 protocol: uses 128 bits to identify computers • Addresses written using eight 16-bit hexadecimal numbers • IPv6 address contains two portions • First half assigned by ISP and identifies network • Last half is link local portion: used to uniquely identify computers in a LAN Linux+ Guide to Linux Certification, 3e
The IPv6 Protocol (continued) • Few networks have adopted IPv6 • Proxy servers and NAT routers: computers or hardware devices that have an IP address and access to a network • Used by other computers to obtain network resources on their behalf • Allows computers behind different NAT routers or proxy servers to have the same IPv4 address Linux+ Guide to Linux Certification, 3e
Configuring a Network Interface • If NIC detected during installation, Fedora Linux automatically configures appropriate driver • insmod and modprobe commands: used to load kernel objects into the Linux kernel • Can be used to load NIC drivers • lsmod command: displays a list of currently loaded modules • rmmod command: removes module from kernel • Most modules loaded from dist.conf file in the /etc/modprobe.d directory Linux+ Guide to Linux Certification, 3e
Configuring a Network Interface (continued) • ifconfig command: assign TCP/IP configuration to a NIC • Also used without any arguments to view configuration of all network interfaces in computer • dhclient command: receive TCP/IP configuration from DHCP or Boot Protocol (BOOTP) server • Automatic private IP addressing (APIPA): automatic assignment of IP address in the absence of BHCP and BOOTP Linux+ Guide to Linux Certification, 3e
Configuring a Network Interface (continued) • /etc/sysconfig/network-scripts/ifcfg-interface file: Stores NIC configurations • Allows the system to activate and configure TCP/IP information at each boot time • ifdown command: unconfigures a NIC • ifup command: configures NIC using /etc/sysconfig/network-scripts/ifcfg-interface file • ping (Packet Internet Groper) command: Check TCP/IP connectivity on a network -c option: limit the number of ping packets sent Linux+ Guide to Linux Certification, 3e
Configuring a Network Interface (continued) Figure 12-2: Configuring network interfaces Linux+ Guide to Linux Certification, 3e
Configuring a Network Interface (continued) Figure 12-3: Configuring TCP/IP information for a network interface Linux+ Guide to Linux Certification, 3e
Configuring a Network Interface (continued) • Mobile commuters typically connect to many different NICs, both wired and wireless • Network Manager daemon: allows users to quickly connect to wired and wireless networks from desktop environments Linux+ Guide to Linux Certification, 3e
Configuring a PPP Interface • Run TCP/IP over serial lines using a WAN protocol • Three common Point-to-Point Protocol (PPP) connection technologies: • Modems • ISDN • DSL Linux+ Guide to Linux Certification, 3e
Configuring a PPP Interface (continued) • Modems: send TCP/IP information across normal telephone lines • Considered slow • Transmit information on a serial port • ISDN: set of standards designed to transmit data over copper telephone lines • DSL: connects to Ethernet NIC and transmits data across normal telephone lines Linux+ Guide to Linux Certification, 3e
Configuring a PPP Interface (continued) • Normally configured manually after Linux installation is complete • Requires: • Support for PPP compiled into kernel • PPP daemon • Supporting utilities such as chat program • Can use graphical programs to configure files and utilities to allow PPP communication Linux+ Guide to Linux Certification, 3e
Configuring a PPP Interface (continued) Figure 12-5: Adding a network interface Linux+ Guide to Linux Certification, 3e
Configuring a PPP Interface (continued) • Information about PPP devices stored in files named ifcfg-InternetServiceProviderName • Located in /etc/sysconfig/network-scripts directory • Other configurations used by PPP daemon stored in /etc/ppp and /etc/isdn directories • Incorrect passwords are the most common problem with PPP connections • Need to activate PPP device after configuration Linux+ Guide to Linux Certification, 3e
Name Resolution • Hostnames: user-friendly computer name • Fully qualified domain name (FQDN): hostname following DNS convention • DNS: hierarchical namespace for host names • whois command: used to obtain registration information about a domain within a name space • hostname command: view or set a computer’s host name Linux+ Guide to Linux Certification, 3e
Name Resolution (continued) Figure 12-6: The domain name space Linux+ Guide to Linux Certification, 3e
Name Resolution (continued) • TCP/IP cannot identify computers via hostnames • Must map hostnames to IP addresses • Can be done by placing entries in the /etc/hosts file • ISPs list FQDNs in DNS servers on Internet • Applications request IP addresses associated with a specific FQDN • Configure by specifying the IP address of the DNS server in /etc/resolv.conf file Linux+ Guide to Linux Certification, 3e
Routing • Route table: list of TCP/IP networks stored in system memory • route command: displays the route table • Multihomed hosts: computers with multiple network interfaces • IP forwarding: forwarding packets from one interface to another • Also known as routing Linux+ Guide to Linux Certification, 3e
Routing (continued) • Enabling routing: • Place number 1 in: • /proc/sys/net/ipv4/ip_forward for IPv4 • /proc/sys/net/ipv6/conf/all/forwarding for IPv6 • To enable routing at every boot: • Edit the /etc/sysctl.conf file to include: • “net.ipv4.ip_forward = 1” for IPv4 • “net.ipv6.conf.default.forwarding = 1” for IPv6 Linux+ Guide to Linux Certification, 3e
Routing (continued) • Large networks may have several routers • Packet may travel through several routers • May require adding entries in the router table • route add <route> command: add entries to route table • route del <route> command: remove entries from route table • ip command: can be used to manipulate the route table Linux+ Guide to Linux Certification, 3e
Routing (continued) Figure 12-7: A sample routed network Linux+ Guide to Linux Certification, 3e
Routing (continued) • Contents of route table lost when computer powered off • Add to /etc/rc.d/rc.local file • Most routers configured with a default gateway • For packets addressed to destinations not in route table • traceroute command: troubleshoot routing • Displays routers between current and remote computer Linux+ Guide to Linux Certification, 3e
Network Services • Must identify types and features of network services before they can be configured • Network services: processes that provide some type of valuable service for client computers on network • Often presented by daemon processes that listen to certain requests • Daemons identify packets to which they should respond using a port number Linux+ Guide to Linux Certification, 3e
Network Services (continued) • Port: number uniquely identifying a network service • Ensure that packets delivered to proper service • Range from 0 to 65534 • /etc/services file: lists ports and associated protocol • Well-known port: ports from 0 to 1023 • Represent commonly used services Linux+ Guide to Linux Certification, 3e
Network Services (continued) Table 12-2: Common well-known ports Linux+ Guide to Linux Certification, 3e
Network Services (continued) • Internet super daemon (xinetd): initializes appropriate daemon to provide needed network service • Stand-alone daemons: daemons that provide network services directly • Log information themselves to subdirectories under /var/log • chkconfig command or ntsysv utility can be used to configure most stand-alone daemons to start in various runlevels Linux+ Guide to Linux Certification, 3e
Network Services (continued) Figure 12-8: Interacting with network services Linux+ Guide to Linux Certification, 3e
Network Services (continued) Table 12-3: Common network services Linux+ Guide to Linux Certification, 3e
Network Services (continued) Table 12-3 (continued): Common network services Linux+ Guide to Linux Certification, 3e
Network Services (continued) Table 12-3 (continued): Common network services Linux+ Guide to Linux Certification, 3e
Network Services (continued) Table 12-3 (continued): Common network services Linux+ Guide to Linux Certification, 3e
Remote Administration: Telnet • telnet command: traditionally used to obtain a command-line shell on remote server • Receives host name or IP address of remote computer as argument • Easiest way to perform remote administration • Need to install telnet daemon using yum command • Use regular commands and exit to kill remote BASH shell Linux+ Guide to Linux Certification, 3e
Remote Commands • Remote commands: set of commands that can be used to execute commands on remote systems • yum install rsh-server • rlogin command: obtains a shell from remote computer on network • rcp command: copies files between computers • rsh command: used to execute a command on a remote computer Linux+ Guide to Linux Certification, 3e
Remote Commands (continued) • r commands allow access to remote computers without a password, if remote computer has trusted access • Trusted access: computers allowed to access a computer without providing a password • Does not apply to root user • Methods of setting up: • Add host names of computers to /etc/hosts.equiv • Create and .rhosts file in the home directory of each user who should get trusted access Linux+ Guide to Linux Certification, 3e